I am using socat for windows as a client to tunnel DNS over SSH, it works perfectly until the ssh connection dies or becomes temporarily unavailable - when this happens the socat windows client terminates and requires restarting.
I am using the following command on windows client:
socat -s udp-recvfrom:53,reuseaddr,bind=127.0.0.1,fork tcp:127.0.0.1:5377
Does anyone know a way to prevent the socat client from quitting when the ssh connection becomes unavailable? The help file suggests the -s switch solves this but it doesn't.
Following your comment, a loop in VBScript (what Windows Scripting Host uses) is easier:
Do
WshShell.Run "socat.exe -s udp-recvfrom:53,reuseaddr,bind=127.0.0.1,fork tcp:127.0.0.1:5377",0,True
Loop While True
Related
Is there an easy way to use the telnet server from command line?
I can connect with telnet [ip/domain] [port] but is there a telnet equivalent of nc -l -p [port]?
I've tried using netcat for windows but it didn't support ANSI.
I've tried telnet-server but that didn't work.
Is there a native Win7 way of making a telnet server? And if so, how?
The partial answer is net start telnet, though there's no easy way to emulate netcat -e.
EDIT: Just use netcat, it can transmit ansi art, but only telnet can display it.
I tried to open putty ssh connection over SOCKS5 proxy via command line.
putty.exe -P port -pw password username#host -nc proxyhost:proxyport
This command doesn't work and I think it is incorrect. I tried a lot of variants of this command, but putty user manual doesn't contain necessary information.
I tried to connect to my host throw putty UI and it works fine.
For openSSH similar command looks
ssh -o "ProxyCommand=nc -x proxyhost:proxyport %h %p" -p port username#host
If I were you I would create a "Saved Session" with Putty and launch it via command line:
putty.exe -load session_name
It will be easier to create a "Saved Session" via the PuTTY interface than toying around with the command line. And it seems like you already have it working through the PuTTY interface.
Even though this is an old thread I would like to add my two cents, as I found it hard to gather all the information necessary to set up a working ssh connection over a SOCKS-5 proxy using putty command line and this thread showed up in my result list.
TL;DR
It is currently not possible (as of putty v0.74) to route ssh traffic over a SOCKS-5 proxy using putty or plink as the proxy-command on the command line. You have to use an alternative like ncat for windows, e.g.:
putty -p <targetport> -proxycmd "ncat.exe --proxy-type socks5 --proxy <proxyhost>:<proxyport> <targethost> <targetport>" <targethost>
Details
The putty GUI allows the configuration of an SOCKS-5 proxy, see putty documentation.
As correctly stated in the answer, by BlakBat this configuration can be called via command line using the -load argument.
The command line argument -proxycmd triggers the use of a so called 'local' proxy connection (see the putty documentation again):
> 3.8.3.24 -proxycmd: specify a **local** proxy command
The local proxy command is a command issued on the local machine, that will handle the proxy connection (see the documentation about proxy types). ncat is such a command and it is able to interact with a SOCKS-5 proxy.
Finally, it is tempting to use plink/putty as the proxy command to avoid the use of multiple tools.
Putty claims to provide an alternative to the netcat utility via the -nc argument, however the putty documentation states:
If you want your local proxy command to make a secondary SSH connection to a proxy host and then tunnel the primary connection over that, you might well want the -nc command-line option in Plink.
If you try to use the -nc argument to open a SOCKS-5 connection your SOCKS server log might show something like this:
sockd[1234]: info: block(1): tcp/accept ]: 1.2.3.4.4711 1.2.3.5.1080: error after reading 1 byte in 0 seconds: unknown SOCKS version 83 in client request
This is an indication that an attempt was made to open an SSH session to the SOCKS-5 server.
So, unfortunately, to my knowledge your only chance is to use putty along with a netcat-like tool to establish a proxied SSH connection using an SOCKS-5 proxy.
Simple,
putty -D 8080 <user_id>#<server_name> -pw <password>
for a programming project I have to do some strange setup. Now, first of all, I have root rights on both servers, and I think an ssh tunnel is the best way (if you have a better idea, please feel free to tell me)
I have to write a piece of software running on an IRC server. That is not difficult, but the IRC server is only reachable on localhost. So I have to ssh to the box first and then use irssi or similar to connect to localhost:6667
Now I tried to do an ssh-tunnel from a second server (where I have irssi running all the time) and then tunnel to the server and use localhost through the tunnel, something like:
ssh -f user#server2 -L 2000:server2:6667 -N
Now this is not working as expected when I use irssi to connect to localhost:2000. I don't understand why, do you have any hint? I would be glad if you could help me.
Regards
Remember that that address you tunnel to (server2:6667 in your case) is from the point of view of the destination. For example: I have a VPS running with ssh installed. If I do ssh -f user#vps -L 2000:localhost:3306 I can connect to the MySql server running on it (which is only listening on the loopback interface).
So assuming the IRC server is running on server2 you should do:
you#server1:~$ ssh -f you#server2 -L 2000:localhost:6667 -N
You can then connect to localhost:2000 (on server1) with your IRC client and get a connection to the IRC-server running on server2.
I need to create SSH tunnel with PuTTY in Windows, that would do the same as this command in Linux:
ssh -fN -L 2000:SomeIp:2000 myusername#myLinuxBox
I tried many options in PuTTY, including setting source port in GUI to "2000" and destination to "SomeIp:2000". Destination is set to local (as the -L switch suggests).
I successfully login to my SSH box but port forward is not made.
Is this even possible in Windows, so that all the connections made by programs that use this port (2000) will go through this tunnel?
With the PuTTY suite, you can set up a tunnel either using the PuTTY itself (GUI) or using the command-line tool plink.exe.
With the plink.exe, you use the same arguments as with the OpenSSH ssh, except for the -f, which does not have an equivalent in Windows.
plink.exe -N -L 2000:SomeIp:2000 myusername#myLinuxBox
Reference: Using the command-line connection tool Plink
With the PuTTY, the -L 2000:SomeIp:2000 translates to:
So it's actually, what you claim to have tried. If you have any problems, use the PuTTY event log to investigate:
The -N translates to the option "Don't start a shell or command at all".
But it probably does not make sense with a GUI client to enable it, as you get a window anyway, you just cannot do anything with it. See also the PuTTY wish no-terminal-window.
If you are going to use the tunnel to connect with PuTTY to another server, you can actually set up the tunnel as a part of the session settings with use of plink as a proxy, see: PuTTY configuration equivalent to OpenSSH ProxyCommand.
You probably want to use plink.exe instead of the GUI client. The command line syntax is compatible iirc.
Or you can wade through the putty GUI, which also allows this. See Connection > SSH > Tunnels on the left side with the option tree.
The answers above mention two different ways of resolving the problem:
using plink
using putty GUI
I don't have plink and I can't download the plink.exe file (it is a closely monitored restricted environment) so used a different way to script the solution with a one-line script:
start putty -ssh myusername#myLinuxBox -pw my_pw -L 2000:localhost:2000
Store this in a batch file (file extension ".bat", e.g. "tunnel.bat"). So every time you double-click on this file the command is run and putty creates the ssh tunnel. If you want more tunnels just repeat this part
-L 2000:localhost:2000
by changing the ports accordingly.
"Source" port is a port number on the same machine from which you are running putty (eg. open this in your browser: 127.0.0.1:source). "Destination" is your remote port that you want to connect to from your local machine. It started to work after I realized this.
I'm having a curious problem with a little script to make a VNC connection to a remote host. The script just makes an SSH tunnel for the VNC session and then opens the viewer. It's only two lines, and when copied into the shell manually, it works fine. However, invoking the script causes the VNC viewer to fail with this error:
main: unable to connect to host: Connection refused (111)
Here's the script:
#!/bin/bash
ssh -N -L5903:localhost:5903 username#example.com &
vncviewer :3
The tunnel lives throughout the process, so that isn't the problem. Neither is permissions -- the same error occurs when the script is run as root. I've got public key authentication set up, so it's not that ssh is requesting a password.
What am I missing? The commands work when typed in the shell!
Thanks in advance.
Most likely the vncviewer command is being executed too quickly after the ssh command. Try putting
sleep 3
between those two commands to allow time for the port forwarding to be set up.